Apple security guru lays out iPad, iPhone crypto architecture at Black Hat

By , Network World |  Security, Apple, Black Hat

Basically, as is already known, apps from the Apple App Store will not run on users' iOS devices unless they're signed by Apple. Third-party developers can be issued a public-key certificate from Apple to make apps that run on Apple iOS. To build enterprise apps, developers can enroll in the iOS Developer Enterprise program. Each will find they receive an Enterprise Provisioning profile that is installed on devices they use. This provisioning profile expires annually, said De Atley.

The end result keeps Apple firmly in control over what's going on in apps running on its devices, a fact that enterprises may find beneficial or not.

Apple's De Atley said the iOS architecture fosters two concepts: a unique group of encryption-based controls for every device, and entitlement, which defines a crypto-determined way to decide what applications are allowed to access on each device, based on dynamic code-signing.

It all adds up to mean software running on devices is all known to come from a particular location, he said.

For erasing data, Apple devices don't actually erase it but instead render it unobtainable because the necessary encryption key is erased. With what's called Effaceable Storage, when the user triggers the function remotely, the keys are erased with the storage.
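The key-erasure approach described above can be sketched in a few lines. This is an added example, not code from Apple or from the talk: the `Device` class, its `effaceable_slot` field and the HMAC-based cipher are assumptions chosen so the model runs on the Python standard library alone.

```python
import hashlib
import hmac
import secrets

def _subkey(key, label):
    # Derive separate encryption and authentication keys from the slot key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode: a stdlib stand-in for the device's cipher.
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hmac.new(key, nonce + block.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[block:block + 32], pad))
    return bytes(out)

class Device:
    """Constructed model: bulk flash holds ciphertext, one small slot holds the key."""

    def __init__(self):
        self.effaceable_slot = bytearray(secrets.token_bytes(32))
        self.flash = {}

    def write(self, name, plaintext):
        key = bytes(self.effaceable_slot)
        nonce = secrets.token_bytes(16)
        ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
        tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
        self.flash[name] = (nonce, ct, tag)

    def read(self, name):
        key = bytes(self.effaceable_slot)
        nonce, ct, tag = self.flash[name]
        expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("key erased: ciphertext is unrecoverable")
        return _xor_stream(_subkey(key, b"enc"), nonce, ct)

    def wipe(self):
        # Erase only the key slot; the bulk ciphertext is left where it is.
        erased = len(self.effaceable_slot)
        self.effaceable_slot[:] = bytes(erased)
        return erased

if __name__ == "__main__":
    d = Device()
    d.write("notes", b"constructed sample record " * 1000)
    print(len(d.read("notes")), "bytes readable; wipe erases", d.wipe(), "bytes")
    try:
        d.read("notes")
    except ValueError as e:
        print(e)
```

The wipe touches 32 bytes no matter how much data sits in flash, which is why a key-erasure wipe completes almost instantly.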

All this crypto processing can make performance and battery demands on a device, which is why Apple makes use of what it calls a suspended state for applications. Applications are suspended by default, until the user hits another button, De Atley said. It helps performance and battery life.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com.

Originally published on Network World.